Sweeping changes


Monolithic            Microservices
Standalone software   Integrated services
Self-contained        Service mesh
APIs                  'Functions as a Service'
Waterfall             Agile
IT                    DevOps
Enterprise            IoT, OT, consumer
Networks              5G
Bet on the future, at the risk of under-investing in current traction?


Or double down on current success - but risk missing out on tomorrow's opportunities?


Here comes the BOOM!


It's not just about adoption... 


Primary workload deployment venue
[Chart: 2019 (n=885) vs. 2021 (n=849). Categories: IaaS/PaaS; SaaS; Third-party colocation environment; Hosted private cloud; On-premises private cloud infrastructure; On-premises 'traditional' IT infrastructure]


Q. Thinking about all of your organization's workloads/applications, where are the majority of these currently deployed?
Q. And thinking about all of your organization's workloads/applications, where will the majority of these be deployed two years from now?
Source: 451 Research's Voice of the Enterprise: Digital Pulse, Workloads & Key Projects 2019
451RESEARCH.COM ©2019 451 Research. All Rights Reserved.


Pre-'born in the cloud' incumbents showing strain
The Motley Fool: Is Symantec a Broken Company or a Broken Stock?
Business Insider: The CEO of $4 billion McAfee explains how to know when to cut your losses on a project and change course


Implications 


No single point of control
Polyglot applications
A lot of interconnections
Security has lots of opportunities...


[Diagram stages: PLAN, CODE, BUILD, TEST, RELEASE, DEPLOY, MONITOR]


» Operational container & platform security
» Dynamic app sec testing
» Secure orchestration
» Operational protections
» Software composition analysis
» Developer training
» Static app sec testing
» Source security integrated with the IDE
» Defining container security policy
» Runtime app sec
» Gating for security, compliance
» Vulnerability checks
» Vulnerability assessment
» Threat activity monitoring
But they don't exactly love us...


» Pace
» Functional and business requirements first
» What's the incentive for developers?
» Toolchain integration
One challenge you'll face as you go down this road is: security.


I know, I know. As developers, you probably already have a hate-hate relationship with security


protection, transport/network, etc) I'm going to concentrate this post mostly on how microservices communicate with each other and some of the problems that arise.


Traditionally, we've assumed that networking boundaries


And each shop has its own toolset preferences


[Figure: XebiaLabs PERIODIC TABLE OF DEVOPS TOOLS (V3). Legend: Open Source, Free, Freemium, Paid, Enterprise. Tool categories shown include Source Control Mgmt., Deployment, Database Automation, Containers, Monitoring, Continuous Integration, Release Orchestration, Security]
What about all the 'things'?


A bit more complexity


Okay, a LOT more complexity


In the enterprise*: Total connected IoT devices (in billions of units)
[Chart: 2019 through 2024]
*Not including consumer devices (e.g. PCs, smart TVs, game consoles)
going to find the software to power all the things?


GitHub
November 8, 2018 - Community, Featured, Insights, Product
Thank you for 100 million repositories
Jason Warner


Microsoft to acquire GitHub for $7.5 billion
June 4, 2018 | Microsoft News Center


Vulnerability remediation and the 'Russian doll' of open source


Example: Struts 2 vulnerability
» ...which extends the Java Servlet API
» ...had a vulnerability in OGNL (remote code execution exposure)
» ...which is incorporated in Jakarta
» ...which was part of Apache
Let's get 'em all on the network!


How many people?
It's all about proof


Under what conditions? To which targets?


[Diagram labels: Users; Partners; IT endpoints; 'M2M'; Authentication; validation; Decision-making: AI/ML-enabled; Fine-grained access control; Applications, cloud resources, APIs, SaaS, etc.; With security for data throughout]


...and, oh yeah, DATA
Now, multiply each decision on a scale of billions.
Expand your thinking about...


Security analytics


It can't all be done in one place


Distributed compute now may be nothing compared to what's coming
People with no idea about AI saying it will take over the world:
My Neural Network:


Twitter: @MVLibertas (Mat Vaillancourt)
Distributed analytics and control fits other emerging patterns


» Ways to distribute high-volume analysis
» (And offload compute for less capable endpoints)
» Edge - or 'fog' - computing
» Stream analytics
» 'Zero trust' access enforcement
Sources of security insight - talking to each other, too


[Diagram labels: Legacy resources; Third-party services; Reputation; Policy; SaaS; CSPs; Partners; Functions as a service]
Automation: Similar patterns here, too


IT AUTOMATION
Security Automation & Orchestration ('SOAR')
CI/CD
Robotic Process Automation (RPA)
GitOps: Putting security inline with CI/CD


» Automated pipelines deploy changes to infrastructure when changes are made to Git (using 'diff,' 'sync' tools)
» Helps isolate credential leakage across boundaries
» Performs actions on pull request
» Check for vulnerabilities embedded in packages
» Report or block actions when vulns are present
» Scan for non-secure implementations
» Recommend - and where able, automate - fixes


[Diagram labels: OSS Repo; Code Repo; Image Repo; Prod]
GitOps, or Why the Future Has No Dashboards
February 13th 2019
Role of Citizen Data Scientist in Today's Business
By Shivam Arora


are we going to source all this?


Code/No-Code Movement: More Disruptive Than You Realize


MEET THE Citizen Develop


The 'GitHub-ification' of security 


[Screenshot: MITRE ATT&CK™ Navigator, showing the technique matrix under the tactic columns Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Exfiltration, Command and Control]


The 'GitHub-ification' of analytics


Jupyter Notebooks


[Screenshot: JupyterLab workspace with a file browser and several open notebooks (Python, Julia, R), including "In Depth: Linear Regression", an Altair "Seattle Weather: 2012-2015" chart, and a Lorenz system notebook using ipywidgets]


gWhat e 
going to be? 
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